Contents

Desktop

I began my Linux journey 16 months ago with only one certainty: I didn’t want to use Windows for the rest of my life. I’ve remained in a constant state of exploration and discovery in the pursuit of finding that “forever distro.” You know, the one to rule them all. The perfect Linux OS that’s stable, checks all those feature boxes, slides effortlessly into every scenario and is just plain fun to use on a daily basis.

I greet you today with a sobering and unexpected conclusion: it doesn’t exist. At least not for me.

This is obviously a subjective statement, but give me a few minutes to explain what’s changed my mind, and why I’m starting to view this “distro hunt” mentality through a different lens.

The PinePhone is a $149 smartphone designed to run free and open source operating systems such as PostmarketOS, Ubuntu Touch, KDE Plasma Mobile, LuneOS, or Sailfish OS.

First unveiled in January, the PinePhone has been under development ever since — and the first pre-production phones were supposed to ship to developers in September.

After encountering several delays, Pine64 says those developer phones are going to start shipping this week — and on November 15th the company will begin taking pre-orders for the first PinePhone 64 Brave Heart Edition smartphones, which are set to ship in December.

Google announced today that its Linux-based Chrome OS operating system for Chromebooks now finally supports virtual workspaces with the latest release.
With the upcoming Chrome OS 78 release, the Linux-powered Chromebook operating system will finally bring support for virtual desktops. A multitask feature, virtual workspaces has been around for years on Linux, Mac, and Windows operating systems, helping users better organize their workspaces and be more productive, but Chrome OS is just getting Virtual Desks now.

“Use this feature to create helpful boundaries between projects or activities. If you’re working on multiple projects, you can dedicate a desk to each one. Or if you like to take a break during the workday, you could create a desk for web browsing or gaming. If you’re a student, you can create a different desk for each class,” said Alexander Kuscher, Director of Chrome OS Software at Google.

Bill Zaumen submitted multiple entries as well. Our favorite was an application he created that can encrypt his information to a backup device using GNU Privacy Guard (GPG). As he explains in his email submission: “The drive contains a very large encrypted file containing a LUKS file system, a long (32 byte) LUKS key that was created with a random number generator and that is encrypted using GPG, plus a directory that can be used as the mount point.”

Server

IBM

We’ve recently added several feedback loops aimed at increasing customer and community involvement in order to better understand how developers create, build, manage, test, and deploy their applications on and for Red Hat OpenShift.

Participating in a design sprint with colleagues at Greenpeace reminded me of that. As I explained in the first two parts of this series, learning to think, plan, and work the open way is helping us build something truly great—a new, global platform for engaging activists who want to take action on behalf of our planet.

The sprint experience (part of a collaboration with Red Hat) reinforced several lessons about openness I’ve learned throughout my career as an advocate for open source, an architect of change, and a community organizer.

In the face of changing technology demands, local municipalities and federal governments alike can struggle to keep existing infrastructure operational while striving to meet the growing need to support their communities with advanced technologies. These can include 5G, artificial intelligence (AI) / machine learning (ML) and Internet of Things (IoT), all critical pieces that meet constituent demands for better, faster and more efficient services, but also come with steep IT requirements. 5G infrastructure alone necessitates an unprecedented physical footprint at a street and building level in order to serve the number of IoT devices anticipated to be operating on 5G networks. That number is projected to be as high as 1,000,000 devices per square kilometer (roughly the size of four city blocks).

IoT and 5G technologies are key components in creating smart cities, where data from sensors, cameras, and specialized connected devices must be processed in real-time to provide insight and assistance with traffic congestion management, crime prevention, and asset and property maintenance. But smart cities are just one symptom of a growing challenge facing public sector organizations. The bigger question is: How do these organizations address the need for computing demand outside their core datacenter, at the literal edge of the network? Adding to this complexity is the proliferation of microservices-based, cloud native applications running on container management Kubernetes platforms, a wholesale sea of change in how traditional IT operations are conducted.

Last week we celebrated the 25th anniversary of Red Hat’s inaugural Halloween release. This week? We’ve got Red Hat Enterprise Linux 8.1 hitting the streets on schedule and ready to take on your toughest workloads. In RHEL 8.1 we have some new tools, live kernel patching, a new system role, and more. Here’s a quick preview of the highlights in RHEL 8.1.

For Red Hat Insights, 2019 has been an exceptional year. Insights provides proactive management and remediation guidance as a Software-as-a-Services (SaaS) solution, and this has become available as part of the Red Hat Enterprise Linux (RHEL) subscription to add new value to this already strong subscription. Our customers are showing their appreciation for this value as we can see in its robust growth in adoption. Since being announced at Red Hat Summit, we have continued to innovate on Insights and I want to update you on some key enhancements.

[...]

Once you register the Insights client, you can browse the rules section to see specific risks on your own environments. You can also look on a system-by-system basis to see which systems have matched these rules and most require your attention. As shown in the screenshot below, you can uncheck the “Show rules with hits” box at the top if you want to see the breadth of these 1,000+ rules, regardless of whether there is a match for them on your RHEL environments. (See Figure 1.)

Red Hat, Inc., the world’s leading provider of open source solutions, today announced the general availability of Red Hat Enterprise Linux 8.1, the latest version of the world’s leading enterprise Linux platform. The first minor release of the Red Hat Enterprise Linux 8 platform, Red Hat Enterprise Linux 8.1 enhances the manageability, security and performance of the operating system underpinning the open hybrid cloud while also adding new capabilities to drive developer innovation.

Red Hat Enterprise Linux 8.1 is here to deliver more intelligent management through enhanced automation, new enterprise-grade security enhancements, updated drivers for better hardware support, greater developer productivity, as well as yet another layer of performance enhancements to keep the Red Hat Enterprise Linux 8 operating system a reliable, stable, and secure platform for hybrid clouds and other enterprise environments.

Highlights of Red Hat Enterprise Linux 8.1 include container-centric SELinux profiles to allow system administrators to create security policies that are more tailored to their needs for better control over container access of a host system’s resources, such as compute, network, and storage, as well as application whitelisting, which lets sysadmins be more selective of the applications that are allowed to be launched on a machine, reducing the risk of malicious apps.

Red Hat this morning announced the release of Red Hat Enterprise Linux 8.1, the first update to RHEL8 since its general availability in May.

Arguably most notable with RHEL 8.1 is that kernel live-patching is now officially supported on RHEL for applying kernel security updates without reboots. This comes after Red Hat for years has worked on Kpatch and the in-kernel live-patching infrastructure.

Red Hat, Inc. today announced the general availability of Red Hat Enterprise Linux 8.1, the latest version of the world’s leading enterprise Linux platform. The first minor release of the Red Hat Enterprise Linux 8 platform, Red Hat Enterprise Linux 8.1 enhances the manageability, security and performance of the operating system underpinning the open hybrid cloud while also adding new capabilities to drive developer innovatio

Six months after Red Hat released the most recent major update of its flagship operating system, Red Hat Enterprise Linux (RHEL) 8, the first minor RHEL 8 release of the RHEL 8.1 brings significant improvements to manageability, security, and hybrid cloud performance.

First and foremost, in my mind, RHEL 8.1 8.1 now has full support for live kernel patching. You can now update your Linux kernel for Critical or Important Common Vulnerabilities and Exposures (CVEs) without needing to go to the trouble of a system reboot. This keeps your system up and running even serious security bugs are patched behind the scenes.

Kernel Space

The Linux 5.5 kernel due out as stable in early 2020 will finally have mainline support for the MIPS-powered SGI Octane and Octane II workstations that originally ran with SGI’s IRIX operating system about two decades ago.

There have been out-of-tree patches for running Linux on the SGI Octane MIPS-based systems while Linux 5.5 is set to finally have this support mainlined for these two decade old workstations should you still be running the hardware and looking for something else besides IRIX or support in other platforms like OpenBSD. Mind you, these workstations were already succeeded by the SGI Octane III a decade ago with Intel x86.

Several weeks ago we wrote about a kernel fix for Linux 5.4 to address performance issues for highly-threaded Linux software running under CFS quotas. The fix can yield up to a 30x improvement in performance and one company estimated the impact of the bug cost them at least $1.5 million USD in extra resources/hardware. But now it looks like it will soon appear in a Linux 5.3 point release and possible back-ports to earlier kernels.

The CFS quota performance issue was spotted with Kubernetes workloads that make use of a CFS scheduler quota to restrict CPU shared resources. The bug was highly-threaded software in turn not getting their fair access to the CPU leading to higher latency and lower performance.

Instructionals/Technical

Given the recent surge in popularity of open source data science projects like pandas, NumPy, and Matplotlib, it’s probably no surprise that the increased level of interest is generating user complaints about documentation. To help shed light on what’s at stake, we talked to someone who knows a lot about the subject: Thomas Caswell, the lead developer of Matplotlib.

Matplotlib is a flexible and customizable tool for producing static and interactive data visualizations since 2001 and is a foundational project in the scientific Python stack. Matplotlib became a NumFOCUS-sponsored project in 2015.

Tom has been working on Matplotlib for the past five years and got his start answering questions about the project on Stack Overflow. Answering questions became submitting bug reports, which became writing patches, which became maintaining the project, which ultimately led to him becoming the lead developer.

It’s common for large open source projects to have information scattered around various repos or duplicated between repos. Sometimes groups work in silos, and information is not shared. Other times, a person leaves to work on a different project without passing on specialized knowledge. Documentation gaps exist and may never be rectified because of higher priority items. So new contributors may have difficulty finding basic information, such as meeting details.

Attending SIG Docs meetings is a great way to become involved. However, people have had a hard time locating the meeting URL. Most new contributors ask in the #sig-docs channel, but I decided to locate the meeting information in the docs. This required several clicks over multiple pages. How many new contributors miss meetings because they can’t locate the meeting details?

Games

In the grand finale to the Tomb Raider origins trilogy, players take on the role of Lara Croft as she battles through the impenetrable jungles of Central America, explores underwater environments filled with crevasses and tunnels, and takes on the deadly organisation known as Trinity.

UK-based video games publisher Feral Interactive announced today that official availability of the Shadow of the Tomb Raider video game on Linux and macOS platforms.

Developed by Crystal Dynamics and Eidos-Montréal, Shadow of the Tomb Raider was launched on September 14, 2018, as the last instalment in the spectacular and thrilling action-adventure puzzle game Tomb Raider origins trilogy. It’s also the twelfth title in the Tomb Raider series featuring the famous character Lara Croft.

In this game, players will adventure into a Maya apocalypse world where they need shape Lara’s destiny to become the Tomb Raider. As of today, Linux and Mac users can download and play Shadow of the Tomb Raider on their computers thanks to Feral Interactive, which ported it to these platforms.

Shadow of the Tomb Raider Definitive Edition from Crystal Dynamics, Eidos Montréal and Square Enix has been released today with a Linux port available from Feral Interactive.

If you’re in the camp of preferring the first Tomb Raider reboot to Rise of the Tomb Raider, fear not, as Shadow of the Tomb Raider is apparently much better. However, I think you’re all rather odd as I thoroughly enjoyed the first two games. That’s okay though, different opinions on fun are what keep the world going. It’s fantastic to see Linux get the full trilogy, since we often miss out.

Bridge Constructor Portal was a surprise highlight when it released in 2017, an unlikely crossover between two completely different games and it worked. Thanks to the positive reception, more is coming with a twist.

Flux Caves is like playing with a massive set of marbles, only someone came along and pulled a bunch of pieces out and you have to put it back together.

Quite a relaxing puzzle game, not too taxing on the mind and it’s quite nice to look at too. Watching the balls roll through the tunnels, as you appreciate a job well done on fixing it. It released earlier this year and it has Linux support, however like a lot of indie games it flew under the radar for most. Not seen it? There’s a brief trailer you can see below:

KDE plasma is one of the most featured-rich and beautiful Linux desktop environments. It is also the most customizable desktop environment that I have ever used. Recently, it received a new update Plasma 5.17 with a number of new features and improvements.

We’re in autumn for a little while now and not quite winter yet… It’s time for another post about KDE PIM! I’ll be your host to cover September and October and will try to follow in the footsteps of my peers who did a great job the past few months. Unlike Franck, I won’t start with the stats though, you’ll get that at the end. Is it obvious that I’m trying to make sure the stats addicts read through.

After the recent release was finalised, there is some time now to have a (very) short break in the development, to take care of some organizational topics around the project and to set the development priorities for the next release. But there is also some time now to look back at where we started several years ago and where we are now. In this blog post we want to look at the history of the code base.

LabPlot is quite an old project started long time ago, back in KDE3 times. One of the important milestones of this project was the complete rewrite using Qt4/KDELibs4 in 2008. This is when new developers joined the project, at least for a certain period in time, and when the jump from 1.x to 2.x release versioning was done for LabPlot. Starting from zero and lacking a lot of features in the 2.0 release, we gradually evolved release by release by implementing new features and by improving the code base.

What happens is this: we build Krita, then we create an app bundle. Then we zip up the krita.app bundle and transfer the zip file to Apple, which then checks whether Krita uses any forbidden API’s or contains its own html rendering engine and other such things that are highly dangerous for the well-being of the computers it allows its customers to use. Then we get a long string of numbers and letters back, which we can use to periodically check whether Apple is done checking. This can take ages, or happen relatively quickly. Then we need to execute a command to “staple” Apple’s imprimatur to the app bundle.

GNOME Desktop/GTK

With the GNOME 3.34 “Thessaloniki” release out the door and the upcoming GNOME 3.36 “Gresik” in the works, the GNOME Project is planning on the next GUADEC conferences, namely GUADEC 2020 and GUADEC 2021, which will take place in the summer of 2020 and 2021 in Zacatecas, Mexico, and Riga, Latvia, respectively.

“Recognizing our flagship conference as something that should move throughout the world is important. We hope to not only make it easier for people from North, Central, and South America to attend, but to help kick-start local participation in the GNOME project,” said Neil McGovern, the GNOME Executive Director.

EndeavourOS is an Arch Linux-based distribution featuring a pre-configured Xfce desktop 4.14 and the Calamares graphical installer. The project’s latest snapshot, 2019.09.15, features many package updates, a more complete Arch-x icon set, and the NVIDIA driver installer is included by default.

“The September release has arrived. As of today, you can download our latest ISO with an updated offline installer. The ISO contains Linux kernel 5.2.14; mesa 19.1.6; systemd 243.0; Firefox 69 (Quantum); Arc-x-icons, a more complete and updated version than the Arc icon set used previously.

SUSE/OpenSUSE

Since establishing themselves as a key open source consultancy for the Middle East, Optim8 Solutions, based out of the UAE, have dedicated themselves to delivering end-to-end open source solutions – from planning all the way to continuous deployment.

Fedora Family

As mentioned in an earlier blogpost, I have been working on fixing many games showing a small image centered on a black background when they are run fullscreen under Wayland. In that blogpost I was moslty looking at how to solve this for native Wayland games. But for various reasons almost all games still use X11, so instead I’ve ended up focussing on fixing this for games using Xwayland.

Xwayland now has support for emulating resolution changes requested by an app through the randr or vidmode extensions. If a client makes a resolution change requests this is remembered and if the client then creates a window located at the monitor’s origin and sized to exactly that resolution, then Xwayland will ask the compositor to scale it to fill the entire monitor.

For apps which use _NET_WM_FULLLSCREEN (e.g. SDL2, SFML or OGRE based apps) to go fullscreen some help from the compositor is necessary. This is currently implemented in mutter. If you are a developer of another compositor and have questions about this, please drop me an email.

As I stated above that the Fedora focuses on providing cutting-edge technology in each new release. In Fedora 31 also, there is not much that users will notice instantly after installing/upgrading. But that should not stop anyone from upgrading to Fedora 31. It has got all the latest software, bug fixes, and security fixes.

The Fedora community generates a bunch of deliverables for users. The main ones, of course, are the primary editions: the workstation, the server edition, CoreOS, Silverblue, IoT. They can all be obtained from the community website at https://getfedora.org.

All of these are ready to use and have gone through a thorough development cycle that includes a stringent Quality Assurance (QA) cycle. These are “live”, so they can either either be used directly off the ISO image without having to install them, or they can be used to install a Fedora based system. Them being “live” makes them a great tool for temporary work—grab an ISO, start up a virtual machine, use Fedora to do your work, destroy the virtual machine when done.

While these are the main deliverables, the Fedora community also generates other media for our diverse user base. These are classified as Spins and Labs. While the Workstation is based on the GNOME desktop environment, Spins provide Fedora users other desktop environment based images: KDE, LXQT, XFCE, Mate, Cinnamon, Sugar on a stick (SAOS). Labs are similar, but instead of focussing on the desktop environment, they include customised sets of software required for particular purposes: Astronomy, Design, Python, Security, Robotics.

How about Fedora? Well, Fedora was ever present during the event. We placed gadgets on the registration desk, dedicated a special lunch menu entry, tried to install it everywhere we could put our hands on people PCs. We also used Fedora to win a Cybersecurity challenge! You may ask: how did we do so many things? Don’t worry, let’s see them with some quick photos 🙂

Canonical/Ubuntu Family

Canonical’s Ubuntu Advantage client is a command-line client pre-installed on all Ubuntu Linux releases that works via single-token access to allow users to access Canonical’s Ubuntu Advantage for Infrastructure services, such as Extended Security Maintenance (ESM) and Kernel Livepatch, which include patches for high and critical security vulnerabilities.

“The UA client for ‘Trusty Tahr’ enables easy access to Extended Security Maintenance (ESM) and Kernel Livepatch (requires HWE kernel). ESM provides fixes for high and critical CVEs for the most commonly used server packages in the Ubuntu main archive, and Livepatch permits users to apply critical kernel patches without rebooting,” said Canonical.

The UA client comes pre-installed on Ubuntu systems, with the updated client available for Ubuntu 14.04 LTS users and coming soon for Ubuntu 16.04 LTS and 18.04 LTS. For users with updated 14.04 systems, simply run the ua command to quickly get started with key security and compliance services and tools. All users are entitled to a free account for up to three machines, and up to 50 machines for Ubuntu community members.

The UA client for ‘Trusty Tahr’ enables easy access to Extended Security Maintenance (ESM) and Kernel Livepatch (requires HWE kernel). ESM provides fixes for high and critical CVEs for the most commonly used server packages in the Ubuntu main archive, and Livepatch permits users to apply critical kernel patches without rebooting. Access to these services ensures systems remain patched against security vulnerabilities.

Devices/Embedded

SUSI.AI aims at bringing a privacy aware personal assistant onto all of your devices. It runs on Android phones, desktop computers, and RaspberryPi based smart speakers. With the switch to Debian/buster, a lot of problems creeped in and the main application became extremely unstable, crashing in libportaudio2 with very unclear symptoms. Thanks to hint by Felix Yan we were able to fix libportaudio2 locally, and finally got a working and stable image.

During the last summer, a great team of GSoC students have worked on SUSI.AI in general, and on the smart speaker in particular. At the moment SUSI.AI can be installed onto RaspberryPi as well as any Debian based distribution (in particular Debian/buster and Ubuntu 19.04 upward).

Intel’s 8-core, 2.0GHz/2.6GHz Xeon D-1548 has a 12MB cache and a 45W TDP. The ACM-XD15MT module is aimed at “space-constrained systems requiring increased density and reduced power consumption such as virtualization, edge computing or other industrial applications,” says Acrosser.

Wind River has released a major update to its Wind River Simics simulation and testing platform for Wind River Linux. The new Simics offers ease of use and performance enhancements, including 20 percent faster simulation times.

One reason some embedded vendors pony up the big bucks for the Yocto-based Wind River Linux rather than developing from scratch using Yocto or tapping a generic Linux distro such as Ubuntu is Wind River’s extensive array of professionals services and development platforms. One of these value-added platforms is Wind River Simics, a mature simulation and testing platform that was recently integrated with Wind River Helix Virtualization Platform, a cloud-managed edge computing umbrella platform for both Wind River Linux and Wind River VxWorks.

PureOS 8.0 is Purism’s in-house developed operating system based on the well-known Debian GNU/Linux OS, which the company is currently deploying on all of their Librem laptops, as well as the Librem 5 smartphone. Until now, PureOS was delivered only as a rolling release where you install once and receive updates forever.

PureOS 8.0 based on Debian 10, using GNOME 3.30 as default desktop environment and powered by Linux Kernel 4.19 series. PureOS also comes bundled with a few desktop apps preinstalled for users, but its software library contains thousands of other apps they can install. All apps are Free Software

Linux Foundation

LF Edge, the host of EdgeX Foundry project, collaborated with RILA to organize a two-day hackathon for developers to build IoT solutions for the retail-use cases. The goal of the hackathon was to use EdgeX Foundry and other open source projects to solve some of the most pressing retail problems in the most innovative and creative manner.

Productivity Software/LibreOffice/Calligra

LaTeX is a professional document preparation system and document markup language written by Leslie Lamport. It’s a very mature system with development starting more than 30 years ago.

LaTeX is widely used in the publication of scientific documents in many disciplines, such as mathematics, statistics, physics, economics, political science. It helps an author produce professional looking documents, papers, and books that are perfectly typeset. The formatted works are consistent, accurate, and reusable. It’s particularly suited to the production of long articles and books, as it has facilities for the automatic numbering of chapters, sections, theorems, equations etc., and also has facilities for cross-referencing. LaTeX is not a WYSIWYG system.

Styles are the essence of a text processor. And while experts love to unleash the power of LibreOffice Writer, it’s at the same time a major source of nuisance. In particular when you receive documents from other people, it can be quite difficult to understand the applied formatting and to fix issues around. This posting presents two ideas for improved feedback.

to start work as soon as possible. TDF is looking for an individual or company to give technical consultancy on ensuring that LibreOffice will properly implement the Open Document Format (ODF) version 1.3 for both importing and exporting.

Pseudo-Open Source (Openwashing)

BSD

FreeBSD is a Unix-like operating system that includes security, native ZFS file system, built-in DTrace, Jails, and excellent network performance. Many companies have customized their own products based on FreeBSD’s system layer. Some of the big names include macOS, iOS, OPNsense, pfSense, FreeNAS among others.

Especially after the release of the 12.0 version of the software, the entire system has very good stability and has been significantly improved in performance.

Now, FreeBSD 12.1 has been released as the first incremental update to last year’s FreeBSD 12. The current FreeBSD already supports the latest desktop environments such as KDE Plasma 5.17.x / Wayland / Gnome 3.28.x. It is more convenient to use as a personal workstation system with the package manager.

Drew Gallatin of Netflix presented at the recent EuroBSDcon 2019 conference in Norway on the company’s network stack optimizations to FreeBSD. Netflix was working on being able to deliver 200Gb/s network performance for video streaming out of Intel Xeon and AMD EPYC servers, to which they are now at 190Gb/s+ and in the process that doubled the potential of EPYC Naples/Rome servers and also very hefty upgrades too for Intel.

Netflix has long been known to be using FreeBSD in their data centers particularly where network performance is concerned. But in wanting to deliver 200Gb/s throughput from individual servers led them to making NUMA optimizations to the FreeBSD network stack. Allocating NUMA local memory for kernel TLS crypto buffers and for backing files sent via sentfile were among their optimizations. Changes to network connection handling and dealing with incoming connections to Nginx were also made.

With yesterday’s article about the NUMA improvements to FreeBSD’s network stack made by Netflix in their quest to serve 200Gb/s encrypted video content per server, in no time the forum comments were quick to theorize whether those changes would work their way back upstream to all FreeBSD users or due to the BSD license would be held as a guarded secret by the company. Fortunately, Netflix continues to impress when it comes to their open-source contributions.

FSF/FSFE/GNU/SFLC

Beyond GCC 9 having deprecated Solaris 10 support and that code now removed ahead of the GCC 10 release in a few months, the GNU Debugger (GDB) is also moving forward with its plan to obsolete Solaris 10.

Developer Rainer Orth re-affirmed plans last month to obsolete the Solaris 10 support after originally initiating the discussion last year. For the GDB 9.1 release is when he plans to have the Solaris 10 support removed.

Registration has officially opened for LibrePlanet 2020! Mark your calendars: the conference will be held on March 14 and 15, 2020, in the Boston area. Scholarship applications, exhibitor registration, and sponsor opportunities are also open now. For those of you who haven’t been to the LibrePlanet conference before: expect a friendly, social, community-focused event with two days of inspiring talks and workshops from some of the most prominent people in the free software community.

Free software is software that you can run, copy, distribute, study, change, and improve as you please. While these freedoms are rights that belong to the individual, they are also intrinsically linked to the concept of community and sharing. It’s imperative that we be permitted to use, examine, and alter software as we choose, but we also demand the right to share our improvements with the wider community.

Working Together for Free Software is one of our initiatives that focuses on the broader world of free software: the community, programs, and funding that we?re coalescing to mount the crucial resistance to the abuses of proprietary software. This is a category that covers a lot of people and a lot of work, and the Working Together for Free Software Fund is just one piece of the picture.

This fund enables important, mission-aligned free software projects to utilize the FSF?s nonprofit infrastructure to enhance their fundraising and other capabilities, without the labor and costs of becoming a 501(c)(3) nonprofit on their own. This gives them access to the organizational strengths of the FSF, plus additional capacity and unique benefits.

While all of the projects under the umbrella of the Working Together for Free Software Fund are absolutely worthy of your attention and donations, today we’re highlighting just a few projects with some noteworthy announcements. Want to know if your free software project qualifies?

Programming/Development

Python is one of the most popular programming languages out there, and entire sites – such as Instagram, Reddit and Mozilla – have been built on it. The main advantages are readability, logical flow and the usage of libraries to get more work done with less code.

As Python is modular and extensible, it might find a strong match in the Internet of things. Let’s look into the pros and cons of Python when used in IoT systems.

Call for Proposal deadlines are fast approaching. PyCon US is looking for speakers of all experience levels and backgrounds to contribute to our conference program. We want you and your ideas at PyCon US!

Be sure to create your account on us.pycon.org/2020 in order to access all the submission forms.

The latest feature release Git v2.24.0 is now available at the
usual places. It is comprised of 544 non-merge commits since
v2.23.0, contributed by 78 people, 21 of which are new faces.
The tarballs are found at:
https://www.kernel.org/pub/software/scm/git/
The following public repositories all have a copy of the 'v2.24.0'
tag and the 'master' branch that the tag points at:
url = https://kernel.googlesource.com/pub/scm/git/git
url = git://repo.or.cz/alt-git.git
url = https://github.com/gitster/git
New contributors whose contributions weren't in v2.23.0 are as follows.
Welcome to the Git development community!
Alexandr Miloslavskiy, Ali Utku Selen, Ben Milman, Cameron
Steffen, CB Bailey, Christopher Diaz Riveros, Garima Singh,
Hervé Beraud, Jakob Jarmar, kdnakt, Kunal Tyagi, Maxim
Belsky, Max Rothman, Norman Rasmussen, Paul Wise, Pedro Sousa,
Philip.McGraw, Pratyush Yadav, Thomas Klaeger, William Baker,
and YanKe.
Returning contributors who helped this release are as follows.
Thanks for your continued support.
Adam Roben, Ævar Arnfjörð Bjarmason, Alessandro Menti,
Alexander Shopov, Alex Henrie, Andrey Mazo, Beat Bolli, Ben
Wijen, Bert Wesarg, Birger Skogeng Pedersen, brian m. carlson,
Carlo Marcelo Arenas Belón, Christian Couder, Clément Chigot,
Corentin BOMPARD, David Turner, Denton Liu, Derrick Stolee,
Elijah Newren, Emily Shaffer, Eric Wong, Gabriele Mazzotta,
Jean-Noël Avila, Jeff Hostetler, Jeff King, Jiang Xin, Johannes
Schindelin, Johannes Sixt, Jonathan Tan, Jon Simons, Jordi Mas,
Josh Steadmon, Junio C Hamano, Martin Ågren, Masaya Suzuki,
Matheus Tavares, Matthew DeVore, Matthias Rüster, Michael
J Gruber, Mike Hommey, Mischa POSLAWSKY, Paul Mackerras,
Peter Krefting, Phillip Wood, René Scharfe, Robert Luberda,
Stephen Boyd, Stephen P. Smith, Sun Chao, SZEDER Gábor,
Tanay Abhra, Taylor Blau, Thomas Gummerer, Tobias Klauser,
Torsten Bögershausen, Trần Ngọc Quân, and Varun Naik.
----------------------------------------------------------------
Git 2.24 Release Notes
======================
Updates since v2.23
-------------------
Backward compatibility note
* "filter-branch" is showing its age and alternatives are available.
From this release, we started to discourage its use and hint
people about filter-repo.
UI, Workflows & Features
* We now have an active interim maintainer for the Git-Gui part of
the system. Praise and thank Pratyush Yadav for volunteering.
* The command line parser learned "--end-of-options" notation; the
standard convention for scripters to have hardcoded set of options
first on the command line, and force the command to treat end-user
input as non-options, has been to use "--" as the delimiter, but
that would not work for commands that use "--" as a delimiter
between revs and pathspec.
* A mechanism to affect the default setting for a (related) group of
configuration variables is introduced.
* "git fetch" learned "--set-upstream" option to help those who first
clone from their private fork they intend to push to, add the true
upstream via "git remote add" and then "git fetch" from it.
* Device-tree files learned their own userdiff patterns.
(merge 3c81760bc6 sb/userdiff-dts later to maint).
* "git rebase --rebase-merges" learned to drive different merge
strategies and pass strategy specific options to them.
* A new "pre-merge-commit" hook has been introduced.
* Command line completion updates for "git -c var.name=val" have been
added.
* The lazy clone machinery has been taught that there can be more
than one promisor remote and consult them in order when downloading
missing objects on demand.
* The list-objects-filter API (used to create a sparse/lazy clone)
learned to take a combined filter specification.
* The documentation and tests for "git format-patch" have been
cleaned up.
* On Windows, the root level of UNC share is now allowed to be used
just like any other directory.
* The command line completion support (in contrib/) learned about the
"--skip" option of "git revert" and "git cherry-pick".
* "git rebase --keep-base <upstream>" tries to find the original base
of the topic being rebased and rebase on top of that same base,
which is useful when running the "git rebase -i" (and its limited
variant "git rebase -x").
The command also has learned to fast-forward in more cases where it
can instead of replaying to recreate identical commits.
* A configuration variable tells "git fetch" to write the commit
graph after finishing.
* "git add -i" has been taught to show the total number of hunks and
the hunks that has been processed so far when showing prompts.
* "git fetch --jobs=<n>" allowed <n> parallel jobs when fetching
submodules, but this did not apply to "git fetch --multiple" that
fetches from multiple remote repositories. It now does.
* The installation instruction for zsh completion script (in
contrib/) has been a bit improved.
Performance, Internal Implementation, Development Support etc.
* The code to write commit-graph over given commit object names has
been made a bit more robust.
* The first line of verbose output from each test piece now carries
the test name and number to help scanning with eyeballs.
* Further clean-up of the initialization code.
* xmalloc() used to have a mechanism to ditch memory and address
space resources as the last resort upon seeing an allocation
failure from the underlying malloc(), which made the code complex
and thread-unsafe with dubious benefit, as major memory resource
users already do limit their uses with various other mechanisms.
It has been simplified away.
* Unnecessary full-tree diff in "git log -L" machinery has been
optimized away.
* The http transport lacked some optimization the native transports
learned to avoid unnecessary ref advertisement, which has been
corrected.
* Preparation for SHA-256 upgrade continues in the test department.
(merge 0c37c41d13 bc/hash-independent-tests-part-5 later to maint).
* The memory ownership model of the "git fast-import" got
straightened out.
* Output from trace2 subsystem is formatted more prettily now.
* The internal code originally invented for ".gitignore" processing
got reshuffled and renamed to make it less tied to "excluding" and
stress more that it is about "matching", as it has been reused for
things like sparse checkout specification that want to check if a
path is "included".
* "git stash" learned to write refreshed index back to disk.
* Coccinelle checks are done on more source files than before now.
* The cache-tree code has been taught to be less aggressive in
attempting to see if a tree object it computed already exists in
the repository.
* The code to parse and use the commit-graph file has been made more
robust against corrupted input.
* The hg-to-git script (in contrib/) has been updated to work with
Python 3.
* Update the way build artifacts in t/helper/ directory are ignored.
* Preparation for SHA-256 upgrade continues.
* "git log --graph" for an octopus merge is sometimes colored
incorrectly, which is demonstrated and documented but not yet
fixed.
* The trace2 output, when sending them to files in a designated
directory, can populate the directory with too many files; a
mechanism is introduced to set the maximum number of files and
discard further logs when the maximum is reached.
* We have adopted a Code-of-conduct document.
(merge 3f9ef874a7 jk/coc later to maint).

Health/Nutrition

“The function of healthcare is to provide healthcare to all people, not to make $100 billion in profits for the insurance companies and the drug companies. Elizabeth Warren and I agree on that. We do disagree on how you fund it.”

A Belarusian court has sentenced a 38-year-old Russian woman to 17 years in prison for drug trafficking. She was arrested in May of 2019 at the border between Belarus and Poland, where border control officials found a number of secret compartments in her car. The compartments, which were protected by electromagnetic locks, contained 100 packs of ecstasy weighing a total of 100 kilograms (220 lbs) and two packs of hashish weighing 357 grams (0.79 lbs) in total. Belarus’s customs committee reported that the psychotropic drug seizure was the country’s largest in 25 years.

Google has released today the Android Security Patch for November 2019 to address various security vulnerabilities and fix bugs in its latest Android 10 mobile operating system.
Consisting of the 2019-11-01 and 2019-11-05 security patch levels, the Android Security Patch for November 2019 is here to address a total of 38 security vulnerabilities in various of Android’s core components, including the Android Framework, Android Library, Media framework, Android System, Kernel components, and Qualcomm components. Users are urged to install the Android Security Patch for November 2019 update on their devices as soon as possible.

The Chrome Security Team said the use-after-free vulnerability allowed hackers to execute arbitrary code on infected devices. One of the vulnerabilities exists in the browser’s audio component (CVE-2019-13720), while the other exists in the PDFium library (CVE-2019-13721). All three major platforms of Windows, macOS, and GNU/Linux couldn’t pass this

For many organizations implementing privileged access management (PAM) has become high on the priority list – and for good reason. Privileged access is the route to an organization’s most valuable information and assets and protecting them is paramount.

However, many organizations lack visibility into where privileged accounts, credentials and secrets exist. The privilege-related attack surface is often much broader than anticipated. So before you get started with any PAM deployment, there’s one big question you need to answer: How Do You Prioritize Risk?

Trump keeps talking about taking Syrian oil. In fact, many of those 1,000 special operations troops he pulled out, sending them to Iraq, are mostly back in Syria now, but in Deir al-Zor rather than up north. That is because the lion’s share of Syrian petroleum is in Deir al-Zor province.

The opening of Geneva talks of a Syrian constitutional committee organized by the latest UN representative for Syria, Geir Pedersen, brings to mind the famous adage attributed to Winston Churchill; “It is better to jaw jaw than to war war.” One hundred fifty Syrians from the government, opposition and civil society are meeting in the city of Calvin to work on a document that will form the basis of a future “credible, inclusive, and non-sectarian” government.

Islam Kadyrov, the former mayor of Grozny and the second cousin once removed of Chechen government leader Ramzan Kadyrov, has confessed to torturing fraud suspects using a taser. Islam Kadyrov apologized for his actions in a live Instagram video interview with Chingiz Akhmadov, a journalist for the same outlet that first revealed Kadyrov’s involvement in the torture.

Some are fascinated with her: they see her as a hero, as a Joan of Arc of modern times or as a Mafalda, with a political agenda to preserve planet Earth and as such, represents the younger generations as more intelligent than that of their parents. Others are angry: they see her as a naïve puppet of opaque adult interests and they make fun of her.

Energy

We know that this has been a difficult period for you, and there’s never really a good time to break up. But it’ll be better for you (and us) if we just rip off the bandage quickly and get it over with. We’ve had some fun times together, and we’re grateful for what you’ve given us: food, clothing, shelter, and of course energy.

Signs of a resurgent American labor movement are all around us, with no better example than the 40-day General Motors strike that began Sept. 16 and lasted well through October. While GM recovered after filing for bankruptcy in 2009, with the help of its workers and government bailouts, many of the American company’s employees have not felt the impact despite a booming economy.

There can be no question about it. Donald Trump is Lewis Carroll’s Queen of Hearts. “Off with his head!” was the president’s essential suggestion for—to offer just one example—a certain whistleblower who fingered him on that now notorious Ukrainian phone call.

Mikhail Svetov, who has become the public face of Russia’s Libertarian Party in recent months, has announced his departure from the party’s federal board. “I’ve stepped down from my position on the federal committee of the LPR [Libertarian Party of Russia],” Svetov tweeted, adding, “I haven’t left the party, don’t worry ^_^ But I’ll be taking a break to work on my book and other projects.”

Our democracy is not in peril—we do not live in a democracy. The image of our democracy is in peril. The deep state—the generals, bankers, corporatists, lobbyists, intelligence chiefs, government bureaucrats and technocrats—is intent on salvaging the brand.

Noam Chomsky may be 91 years old, but the man who The Intercept’s Mehdi Hasan calls “the most cited author alive” is in no danger of slowing down. As a linguist and activist, Chomsky has spoken out against American imperialism and for leftist causes since the 1960s. While he continues to do so during the Trump administration, that doesn’t mean his opinions can be pigeonholed — he’s equally tough on Democrats who fail to stand up to President Donald Trump and for progressive policies as he is on Republicans who prop up his presidency.

Censorship/Free Speech

The Russian social media network VKontakte has released an experimental function for its interface that aims to discourage users from posting offensive comments. The network’s press service announced the new feature on November 4.

Dmitry Kiselyov, the Russian state media system’s most prominent pundit, argued on his show Vesti Nedeli that higher learning in the humanities breeds social unrest. His November 3 segment on the topic can be found in full here; it is paraphrased in brief below.

November is National American Indian Heritage Month, a time set aside to pay tribute to the rich ancestry and traditions of Native Americans. The Library of Congress, National Endowment for the Humanities, National Gallery of Art, National Park Service, and Smithsonian Institution are just a few of the many organizations participating with special programs.

NOAA’s support happens on a daily basis, as the agency is responsible for enforcing the Coastal Zone Management Act, legislation that dictates national standards for the stewardship and conservation of coastal resources. NOAA partners with state agencies and tribes to protect the natural resources that often represent the foundation of tribal communities and their traditions. Some examples are provided below.

Monopolies

Patents and Software Patents

Open Invention Network (OIN), the largest patent non-aggression community in history, and Toshiba Group (Toshiba) announced today that Toshiba has joined as a community member. As a global leader in innovatively pairing real-world technologies and digital technologies, Toshiba is leading the evolution of cyber-physical systems in the energy, social infrastructure, electronic devices and digital solutions industries.

“Toshiba helps businesses modernize their physical and digital systems with technologies that rely heavily on Linux and embedded Linux, like the Internet of Things (IoT) in industries that include automotive, industrial, data center, retail, energy and infrastructure, among many others,” said Keith Bergelt, CEO of OIN. “Given Toshiba’s significant patent holdings, we are pleased that the company has recognized the importance of participating in OIN as part of its IP strategy.”

Share this post:These icons link to social bookmarking sites where readers can share and discover new web pages.

Pages that cross-reference this one

What Else is New

Torvalds and others who are middle-aged (or older) males are often torpedoed using weakly-backed allegations (or insinuations/innuendo) of sexism; that does not seem to matter and won't matter when they treat men the same (or worse)

Linus Torvalds was not fully canceled; nor was Richard Stallman, who's still heading the GNU Project (under conditions specified by those looking to oust him; people who code for Microsoft GitHub and many IBM employees)

General Hugh Shelton, Chairman of the Board of Red Hat, explains (keynote in 2011 Red Hat Summit/JBoss World) that he was introduced to the system as part of a military campaign; it basically helped war, not antiwar

Techrights examines Red Hat’s (IBM’s) hypocritical claims about the Free Software Foundation, founded by Richard Stallman back when IBM was the “big scary monopolist”; IBM employees were prominent among those pushing to oust Stallman from the GNU Project, which he founded, as well

The (in)famous letter against Richard Stallman (RMS), which was signed by many Red Hat employees with Microsoft (GitHub) accounts, doesn’t look particularly good in light of recent revelations/findings; it increasingly looks like IBM simply wants Microsoft-hosted and “permissively” licensed stuff, just like another project it announced yesterday and another that it promoted yesterday

One might not expect this from a so-called 'charity'; the Gates Foundation's critics are often met with unprecedented aggression, threats and retribution, which make one wonder if it's really a charity or a greedy cult of personalities (Bill and Melinda)

The assault on the media by Bill Gates is a subject not often explored by the media (maybe because a lot of it is already bribed by him); but we're beginning to gather new and important evidence that explains how critics are muzzled (even fired) and critical pieces spiked, never to see the light of day anywhere

Microsoft buying GitHub does not demonstrate that Microsoft loves Open Source (GitHub is not Open Source and may never be) but that it loves monopoly and coercion (what GitHub is all about and why it must be rejected)

The European Patent Office (EPO) keeps granting fake patents that cause a lot of real harm (examiners are pressured to play along and participate in this unlawful agenda); nobody is happy except those who profit from needless, frivolous lawsuits

After contributing to the cancellation of Richard Stallman (RMS) based on some falsehoods perpetuated in the media we're seeing the sort of thing one might expect from IBM (more so now that it totally controls Fedora and RHEL)

The coup to remove (or remove power from) Stallman and Torvalds, the GNU and Linux founders respectively, is followed by outsourcing of their work to Microsoft’s newly-acquired monopoly (GitHub) and appointment of Microsoft workers or Microsoft-friendly people, shoehorning them into top roles under the disingenuous guise of "professionalism"